StackPatch is liveSee product

Back to CVE digest
Ubuntu USN · USN-8251-1

libpng vulnerabilities

Published: Thu, 07 May 2026 13:37

CVE-2026-33416CVE-2026-33636CVE-2026-34757

Summary

Several security issues were fixed in libpng.

Details

It was discovered that libpng incorrectly handled memory when processing certain PNG files. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-33416) It was discovered that libpng incorrectly handled expanding 8-bit paletted rows to RGB or RGBA on ARM processors. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause libpng to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2026-33636) It was discovered that libpng incorrectly handled certain setter APIs. An attacker could possibly use this issue to obtain sensitive information. (CVE-2026-34757)

Recommended actions per Ubuntu release

StackPatch playbook auto-generated per release codename and per affected package.

Ubuntu jammy

  • libpng1.61.6.37-3ubuntu0.5apt_upgrade

    Standard apt upgrade. Install 1.6.37-3ubuntu0.5 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng1.6

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libpng-dev1.6.37-3ubuntu0.5apt_upgrade

    Standard apt upgrade. Install 1.6.37-3ubuntu0.5 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng-dev

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libpng-tools1.6.37-3ubuntu0.5apt_upgrade

    Standard apt upgrade. Install 1.6.37-3ubuntu0.5 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng-tools

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libpng16-161.6.37-3ubuntu0.5apt_upgrade

    Standard apt upgrade. Install 1.6.37-3ubuntu0.5 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng16-16

    Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu noble

  • libpng1.61.6.43-5ubuntu0.6apt_upgrade

    Standard apt upgrade. Install 1.6.43-5ubuntu0.6 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng1.6

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libpng-dev1.6.43-5ubuntu0.6apt_upgrade

    Standard apt upgrade. Install 1.6.43-5ubuntu0.6 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng-dev

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libpng-tools1.6.43-5ubuntu0.6apt_upgrade

    Standard apt upgrade. Install 1.6.43-5ubuntu0.6 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng-tools

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libpng16-16t641.6.43-5ubuntu0.6apt_upgrade

    Standard apt upgrade. Install 1.6.43-5ubuntu0.6 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng16-16t64

    Most apt upgrades restart their service automatically. needrestart lists anything else.

Ubuntu questing

  • libpng1.61.6.50-1ubuntu0.5apt_upgrade

    Standard apt upgrade. Install 1.6.50-1ubuntu0.5 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng1.6

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libpng-dev1.6.50-1ubuntu0.5apt_upgrade

    Standard apt upgrade. Install 1.6.50-1ubuntu0.5 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng-dev

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libpng-tools1.6.50-1ubuntu0.5apt_upgrade

    Standard apt upgrade. Install 1.6.50-1ubuntu0.5 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng-tools

    Most apt upgrades restart their service automatically. needrestart lists anything else.

  • libpng16-16t641.6.50-1ubuntu0.5apt_upgrade

    Standard apt upgrade. Install 1.6.50-1ubuntu0.5 from the apt repo.

    sudo apt-get update
sudo apt-get install --only-upgrade -y libpng16-16t64

    Most apt upgrades restart their service automatically. needrestart lists anything else.

Are YOU affected by USN-8251-1?

5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8251-1 (and any other live CVE) applies. Anonymous, no signup.

curl https://mindsparkstack.com/scan.sh | bash
Form-based quickscan Read the bash source first
Want this automated for your servers?

StackPatch runs this match against YOUR installed packages every hour

Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.

Buy lifetime →See StackPatch →Live audit log →